Update Flash, Shockwave ASAP! Adobe also patches Acrobat and Reader

(Correction:) Surprise updates to Adobe Flash Player and Shockwave Plaer address critical vulnerabilities at high risk of exploit. Less urgent, but still serious updates for Adobe Acrobat and Reader are also available.

Adobe today released security updates for Flash Player, AIR, Shockwave Player, Acrobat and Reader. The updates for Flash Player and Shockwave Player on Windows and Mac address a vulnerability which Adobe classifies as Priority 1, which indicates that it is being exploited in the wild at a high risk of exploit.

The updated versions of Flash Player on Windows and Mac are 11.8.800.168 and 11.7.700.242. Earlier 11.7 and 11.8 versions are vulnerable. Updates are also available for Flash Player on Linux and Android, as well as Adobe AIR and the Adobe AIR SDK. These are not as severe and updating is not as high a priority.

The updates for Reader and Acrobat are classified as less urgent. They are important vulnerabilities, but not being exploited.

The affected versions of Flash and AIR are:

Adobe Flash Player 11.8.800.94 and earlier versions for Windows and Macintosh

Adobe Flash Player 11.2.202.297 and earlier versions for Linux

Adobe Flash Player 11.1.115.69 and earlier versions for Android 4.x

Adobe Flash Player 11.1.111.64 and earlier versions for Android 3.x and 2.x

Adobe AIR 3.8.0.870 and earlier versions for Windows and Android

Adobe AIR 3.8.0.910 and earlier versions for Macintosh

Adobe AIR 3.8.0.870 SDK & Compiler and earlier versions for Windows

Adobe AIR 3.8.0.910 SDK & Compiler and earlier versions for Macintosh

The affected versions of Adobe Reader and Acrobat are:

Adobe Reader and Acrobat X (10.1.7) and earlier versions for Windows and Macintosh

Adobe Reader and Acrobat XI (11.0.03) and earlier versions for Windows and Macintosh

Users can update to the latest version of Adobe Flash Player at http://get.adobe.com/flashplayer. Users can update Adobe Reader and Acrobat from the Help menu ("Check for Updates...")

(Correction: An earlier version of this story stated that the Flash and Shockwave updates were being exploited in the wild. They are not; they are at a high risk of exploit.)

Thank You

By registering you become a member of the CBS Interactive family of sites and you have read and agree to the Terms of Use, Privacy Policy and Video Services Policy. You agree to receive updates, alerts and promotions from CBS and that CBS may share information about you with our marketing partners so that they may contact you by email or otherwise about their products or services.
You will also receive a complimentary subscription to the ZDNet's Tech Update Today and ZDNet Announcement newsletters. You may unsubscribe from these newsletters at any time.